Snort mailing list archives
Snort Blog: Snort 3.1.16.0 has been released!
From: "Joel Esler (jesler) via Snort-sigs" <snort-sigs () lists snort org>
Date: Wed, 3 Nov 2021 17:03:17 +0000
https://blog.snort.org/2021/11/snort-31160-has-been-released.html

Snort 3.1.16.0 has been released!

The SNORTⓇ team recently released a new version of Snort 3 on Snort.org<https://snort.org/snort3> and the Snort 3 GitHub<https://github.com/snort3/snort3/releases/tag/3.1.13.0>.

Snort 3.1.16.0 contains several new features and bug fixes. Here's a complete rundown of what's new in this version. Users are encouraged to update as soon as possible and to upgrade to Snort 3 if they have not already done so.

Changes in this release (since 3.1.15.0):

* appid: during initialization, skip loading of Lua detectors that don't have validate function
* appid: in packet threads, skip loading of detectors that don't have validate function on reload
* appid: provide API to give client_app_detection_type
* codec: geneve - ensure injected packets have geneve port in outer udp header
* detection: refactor mpse serialization
* detection: rename PortGroup to the more apt RuleGroup (and related)
* detection: replace PortGroup::alloc/free with ctor/dtor
* doc: add SIP built-in rule documentation
* doc: update built-in rule doc for SMTP, IMAP and POP inspectors
* doc: update built-in rules documentation for dns module
* doc: update built-in rules documentation for ftp-telnet
* doc: updated builtin rules documentation for gtp module
* flow: fix warning in flow_cache.cc
* flow: use the same pkt_type to link and unlink unidirectional flows
* http2_inspect: refactor decoded_headers_buffer for hpack decoding
* http_inspect: eliminate cumulative js data processing
* http_inspect: handle unordered PDUs for inline/external JavaScript normalization
* http_inspect: improve file decompression
* hyperscan: sort patterns for dump / load stability
* ips: correct fast pattern port group counts
* mpse: add md5 check to deserialization
* reload: add logs to track reload process
* reload: move out reload progress flag to reload tracker
* search_engine: support hyperscan serialization
* search_engine: support port group serialization
* sip: track memory for sip sessions
* ssl: disable inspection on alert only at fatal level
* stream_tcp: fix init_wscale() to take into account the DECODE_TCP_WS flag
* tcp: remove the obsolete GNUC block from TcpOption::next()
* tcp: stop on the EOL option in TcpOptIteratorIter::operator++()
* utils: add get methods to peek in internal buffer
* utils: correct Normalizer's output upon the next scan
* wizard: update globbing and max_pattern

Snort 3 is the next generation of the Snort Intrusion Prevention System. The GitHub page<https://github.com/snort3/snort3> will walk users through what Snort 3 has to offer and guide users through the steps of getting set up — from download to demo. Users unfamiliar with Snort should start with the Snort Resources page and the Snort 101 video series<https://www.youtube.com/watch?v=W1pb9DFCXLw&ab_channel=CiscoTalosIntelligenceGroup>.

You can subscribe<https://www.snort.org/products> to Talos' newest rule detection functionality for as low as $29 a year with a personal account. Be sure and see our business pricing as well here<https://snort.org/products#rule_subscriptions>. Make sure and stay up to date to catch the most emerging threats<https://snort.org/products#rule_subscriptions>.